From eac28ff49a280cbf0ca4e493a851c1bf555daab6 Mon Sep 17 00:00:00 2001
From: fraliv13 <5892139+fraliv13@users.noreply.github.com>
Date: Wed, 18 May 2022 10:48:30 +0300
Subject: [PATCH] Added helm vault configuration

---
 helm/templates/provisioner-deployment.yaml | 13 +++++++++++--
 helm/values.yaml                           |  3 +++
 2 files changed, 14 insertions(+), 2 deletions(-)

diff --git a/helm/templates/provisioner-deployment.yaml b/helm/templates/provisioner-deployment.yaml
index 9836ce8..8d614fe 100644
--- a/helm/templates/provisioner-deployment.yaml
+++ b/helm/templates/provisioner-deployment.yaml
@@ -54,8 +54,17 @@ spec:
         - name: PULUMI_ACCESS_TOKEN
           valueFrom:
             secretKeyRef:
-              name: pulumi-api-secret
-              key: accessToken
+              name: provisioner-secrets
+              key: pulumiAccessToken
+        {{- if .Values.global.vault.enabled }}              
+        - name: VAULT_ADDR
+          value: "{{ .Values.global.vault.address }}"
+        - name: VAULT_TOKEN
+          valueFrom:
+            secretKeyRef:
+              name:  provisioner-secrets
+              key: vaultAccessToken
+        {{- end }}              
         command:
         - "/tenant-provisioner"
         args:
diff --git a/helm/values.yaml b/helm/values.yaml
index 7a1b02c..c8a0733 100644
--- a/helm/values.yaml
+++ b/helm/values.yaml
@@ -4,3 +4,6 @@ global:
   imagePullPolicy: IfNotPresent
   imagePullSecrets: "registrykey"
   logLevel: 4
+  vault:
+    enabled: true
+    address: http://vault.vault:8200